Monitor > Packet Capture

All Palo Alto Networks firewalls have a built-in packet capture (pcap) feature you can use to capture packets that traverse the network interfaces on the firewall. You can then use the captured data for troubleshooting purposes or to create custom application signatures.

The packet capture feature is CPU-intensive and can degrade firewall performance. Only use this feature when necessary and make sure to turn it off after you collect the required packets.

What do you want to know?	See:
What are the different methods the firewall can use to capture packets?	Packet Capture Overview
How do I generate a custom packet capture?	Building Blocks for a Custom Packet Capture
How do I generate packet captures when the firewall detects a threat?	Enable Threat Packet Capture
Where do I download a packet capture?	Packet Capture Overview
Looking for more?
Turn on extended packet capture for security profiles.	Device > Setup > Content-ID
Use packet capture to write custom application signatures.	See Custom Signatures.
Prevent a firewall admin from viewing packet captures.	Define Web Interface Administrator Access.
See an example.	See Take Packet Captures.

Document:PAN-OS Web Interface Help

Monitor > Packet Capture

Monitor > Packet Capture

Recommended For You

Document:PAN-OS Web Interface Help

Monitor > Packet Capture

Monitor > Packet Capture

Recommended For You

Recommended Videos